[Pkg-voip-commits] [SCM] reSIProcate branch, debian-wheezy, updated. debian/1.8.2-1-27-g8eb7b50
Daniel Pocock
daniel at pocock.com.au
Sun Mar 17 11:34:12 UTC 2013
The following commit has been merged in the debian-wheezy branch:
commit 2f2885571166e2952bffc0e8d2fed3cf34e0fa38
Author: Daniel Pocock <daniel at pocock.com.au>
Date: Sun Mar 17 12:33:31 2013 +0100
Remove proxy-auth headers after validating them (Closes: #697341)
diff --git a/debian/changelog b/debian/changelog
index b18aa83..839b86d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+resiprocate (1.8.5-2) unstable; urgency=low
+
+ * Remove proxy-auth headers after validating them (Closes: #697341)
+
+ -- Daniel Pocock <daniel at pocock.com.au> Sun, 17 Mar 2013 12:30:47 +0100
+
resiprocate (1.8.5-1) unstable; urgency=low
* New upstream release
diff --git a/debian/patches/0001-remove-Proxy-Authorization-headers-for-successful-Di.patch b/debian/patches/0001-remove-Proxy-Authorization-headers-for-successful-Di.patch
new file mode 100644
index 0000000..e86a4bf
--- /dev/null
+++ b/debian/patches/0001-remove-Proxy-Authorization-headers-for-successful-Di.patch
@@ -0,0 +1,61 @@
+From: Daniel Pocock <daniel at pocock.com.au>
+Date: Sun, 17 Mar 2013 12:09:48 +0100
+Subject: remove Proxy-Authorization headers for successful Digest Challenges
+ before forwarding message (closes: #697341) (upstream: r9886, fixed
+ in v1.8.6)
+
+---
+ repro/monkeys/DigestAuthenticator.cxx | 29 ++++++++++++++++-------------
+ 1 file changed, 16 insertions(+), 13 deletions(-)
+
+diff --git a/repro/monkeys/DigestAuthenticator.cxx b/repro/monkeys/DigestAuthenticator.cxx
+index c3a8af3..fbaa5e9 100644
+--- a/repro/monkeys/DigestAuthenticator.cxx
++++ b/repro/monkeys/DigestAuthenticator.cxx
+@@ -116,7 +116,6 @@ DigestAuthenticator::process(repro::RequestContext &rc)
+ pair<Helper::AuthResult,Data> result =
+ Helper::advancedAuthenticateRequest(*sipMessage, realm, a1, 3000); // was 15
+
+-// Auths &authHeaders = sipMessage->header(h_ProxyAuthorizations);
+ switch (result.first)
+ {
+ case Helper::Failed:
+@@ -135,22 +134,26 @@ DigestAuthenticator::process(repro::RequestContext &rc)
+
+ // Delete the Proxy-Auth header for this realm.
+ // other Proxy-Auth headers might be needed by a downsteram node
+-/*
+- Auths::iterator i = authHeaders.begin();
+- Auths::iterator j = authHeaders.begin();
+- while( i != authHeaders.end() )
++ if (sipMessage->exists(h_ProxyAuthorizations))
+ {
+- if (proxy.isMyDomain(i->param(p_realm)))
+- {
+- j = i++;
+- authHeaders.erase(j);
+- }
+- else
++ Auths &authHeaders = sipMessage->header(h_ProxyAuthorizations);
++ Data realm = getRealm(rc);
++
++ // if we find a Proxy-Authorization header for a realm we handle,
++ // asynchronously fetch the relevant userAuthInfo from the database
++ for (Auths::iterator i = authHeaders.begin(); i != authHeaders.end(); )
+ {
+- ++i;
++ if(i->exists(p_realm) && isEqualNoCase(i->param(p_realm), realm))
++ {
++ i = authHeaders.erase(i);
++ }
++ else
++ {
++ ++i;
++ }
+ }
+ }
+-*/
++
+ if(!sipMessage->header(h_From).isWellFormed() ||
+ sipMessage->header(h_From).isAllContacts())
+ {
--
reSIProcate
More information about the Pkg-voip-commits
mailing list